Posted
by
timothyon Saturday February 01, 2014 @03:32AM
from the ask-not-what-your-country-can-destroy-for-you dept.

An anonymous reader writes "On Saturday 20 July 2013, in the basement of the Guardian's office in Kings Cross, London, watched by two GCHQ technicians, Guardian editors destroyed hard drives and memory cards on which encrypted files leaked by Edward Snowden had been stored. This is the first time footage of the event has been released."

Look, I agree that this is a pretty bad transgression on the part of British government, but let's keep a bit of perspective.

If anything it is slightly comical that these people think they can destroy digital information with drills and grinders and so on. Obviously they really don't, GHCQ do not have a reputation of being digitards.

So this is a message, the presence of cameras confirms it. On the one hand to the assorted press, watch your step. On the other hand to their US c

If anything it is slightly comical that these people think they can destroy digital information with drills and grinders and so on. Obviously they really don't, GHCQ do not have a reputation of being digitards.

Ignoring the fact that copies exist (and everyone involved knew that), physical destruction is in fact the recommended way to destroy the data on a hard drive, SSD drive, flash memory, etc. etc.

You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable. If you put a grinder to the drive surface, you can be very certain of that.

There's a reason the military shreds harddrives when it disposes of them.

You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.

That hasn't been true for about 20 years now. Overwrite your data once and it's gone. Even if you don't overwrite it randomly no data recovery group have been shown to be capable of recovering overwritten data even in the face of great monetary incentive.

There's a reason the military shreds harddrives when it disposes of them.

Yes but it has nothing to do with data possibly being recoverable. It's entirely to do with removing all doubt if a procedure has been applied. If you look at a drive you have no way of knowing if the data has been wiped or if there's anything recoverable on it. If you look at small shards of what's left of a drive then there's no doubt. It doesn't mean that other methods aren't equally secure, just harder to administrate.

Overwrite your data once and it's gone. Even if you don't overwrite it randomly no data recovery group have been shown to be capable of recovering overwritten data

That's if you want the data to be overwritten and you're the owner of the drive. If you want to delete data on someone else's drive, you would have to ensure that the drive does not have some custom firmware installed that messes with the overwriting process...

You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.

Bullshit. If your drive works fine, even after single (or two, if you are paranoiac) overwrite with random data no-fucking-body in the whole universe will recover anything.

There's a reason the military shreds harddrives when it disposes of them.

But for completely different reasons what you think, its because:- your drive might be faulty so the overwrite is actually not performed- could be faster (overwrite of big disk can take hours)- the destruction can be performed by IT-ignorant, non-technical guy- the destruction process can be easily CONTROLLED by another non-technical persons.

This last one is actually main reason: in such process there are usually more people involved which "watch each other".However control of soft (data-only) destruction is very difficult: even if all involved people would be highly technically capable (including your commanding officer), It is difficult to assure that the other guy does not use (intentionally or unintentionally) wrong, hacked or faulty software, does not make copy during overwrite, makes proper control read after the process etc...

Bullshit. If your drive works fine, even after single (or two, if you are paranoiac) overwrite with random data no-fucking-body in the whole universe will recover anything.

Partially true, but not entirely.

True, in modern drives we operate very close to the physical limites and overwriting is a lot more destructive than it used to be.

However, there are also so many intermediate layers and internal logic (like the relocation of faulty sectors another commenter pointed out) that you'd have to go very low-level to come even close to any assurance that everything actually has been physically overwritten.

Physical destruction is still the only way to be absolutely certain. All your

You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.

Actually, this is an old myth, which had some truth to it when hard disk weren't operating at the known physical limits. Then you could actually read some erased information by using a more sensitive magnetic head, which was able to tell the difference between a former one overwritten by zero and a former zero overwritten by zero. But this is no longer so. Any reserves that might have been in the magnetic surface of disk are now used to increase information density. The most sensitive reading heads available are those already built into the hard disks. Overwrite a section of the disk with zeros (or ones, whatever you like), and you can be sure that the information formerly there is safely overwritten.

You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.

If you can recover the data overwritten 50 times, then you also can recover the data overwritten 49 times (that is, the first set of data you've overwritten the original data with), the data overwritten 48 times (that is, the second set of data you've overwritten it with), the data overwritten 47 times, the data overwritten 46 times... and you'd have to be able to distinguish between them. which means that on a 500 gigabyte hard disk, you'd be able to recover 25 terabytes of data. I strongly doubt that this is possible.

You misunderstood "it is not 100% guaranteed to be gone" for "it is 100% guaranteed to be recoverable".

Sure, with each pass you will make some of the data gone for good. But your certainty is a limes function. So no, after x passes you won't be able to recover x * capacity in bytes. But you might be able to recover some of the original data.

If you want to reliably destroy the data on one particular storage medium, then physical destruction is the way to go.

This is totally apart from the question of whether or not other copies exist, it's a tangential issue. Funny how everyone except one troll who was intentionally looking for an axe to grind clearly got that meaning.

Re attempt at warning British whistle blowers what would happen if you cross the US.
This also happened in Australia with a book chapter on the Iraq and a hard-drive destroyed. http://www.igis.gov.au/annual_... [igis.gov.au]
"After the sensitive elements were deleted (but only those elements), each concerned person was given the choice of having the copy of their hard-drive (on a government supplied disk) destroyed in front of them. In some instances this offer was accepted. The purpose of such visible destruction

Generally when deleted files are able to be recovered, the bytes of the files weren't actually overwritten, they were merely marked as deleted by the filesystem.

Theoretically, when a file has been overwritten with known data, it is possible to use an electron microscope to recover what was there before, but as far as know, no one has been able to actually achieve this. Especially with modern hard drives that are more dense.

Generally when deleted files are able to be recovered, the bytes of the files weren't actually overwritten, they were merely marked as deleted by the filesystem.

Yes, but since a drive is partitioned into sectors, when you come back to recover the data from that free space, chances are good (depending on drive capacity and activity) that some of those sectors have already been claimed but other files.

I agree my example was misleading. You won't actually be missing every 5th character - you'll be missing large chunks somewhere within the document.

The NSA has backdoors into the major encryption systems, for example in RSA products. So recovery is basically trivial, if you rely on any products sold or provided by Microsoft, Apple, Google, etc. Every large US company in fact has too much to lose if they don't cooperate with the NSA, so pick any company where it makes sense for the NSA to put backdoors in. If that company still exists today, then you can conclude that it has a secret deal with the NSA to spy on its customers.

It was actually just Cameron being his usual thick-as-shit self. He requested that the drives be destroyed personally, apparently not realizing or understanding how little effect it would have. In fact it most likely had the opposite effect, ensuring that more material and this kind of negative publicity was put out. He really is a dumb fuck sometimes.

Saying "not quite the holocaust yet" is a bit of an understatement. And although you would never know it on Slashdot, there is a much more divided opinion in at least some societies about who was actually the "dick" at the heart of it.

"Another word about Snowden, AND the next supervised immediate destruction order will target all your reporters' computers, All your backoffice servers, All the servers in your web farm, and all your company's backup disks."

Nope, through computum entanglement, destroying the south bridge of the PC which had held the hard drive also destroyed all the copies.Quantum mechanics is a bit too complex for us peons, just trust the govt on this one.

In fact they claim it was made completely clear to the head honcho ordering the destruction that other copies did in fact exist and that this display would not change anything. It was purely a PR/attempted intimidation stunt.

What about good old paper copies? I hope that one of the curators actually prints all the documents out, and squirrels them away in the closed archive stacks of an obscure library somewhere. The problem with storing all the documents on hard drives makes them easier to destroy . . . one hard drive in the shredder, and you're done. Having them as paper copies might make it more difficult for the spooks to trace and destroy.

Of course, the curators will probably have to go hardcore with this. Multiple fol

What the hell was that? They threatened to shut down the Guardian if the media wasn't handed over; it appears though that they didn't have the balls to go through with the threat. Instead they came up with this bizarre compromise that involved 'destroying' the data. Why do this? Was it just a way for the government to save face and not have to back down from some crazy ass redline that threw out there? They must know that the files were immediately duplicated and spread around the world.
That was by far one of the strangest things I've ever seen a newspaper do.

I suspect The Guardian was mostly thinking "Sure, we'll play along with your little pantomime. It's not like it's actually going to make any difference." I suspect the technicians from GCHQ were thinking the same as well. Possibly with a side thought of "Well, it gets us out of Cheltenham for a day at least".

The laws are different over here in Europe, yes. But bland statements like the above just make me cringe. Some rights are stronger in the US, some are stronger in Europe, and it even differs by country.

And then there's the law on the one hand and enforcement on the other. The NSA didn't exactly get much opposition from Google, Microsoft and everyone else they've tapped into, did they? That's not new or "post 9/11", either. If you read up on the history of the NSA, you'll find that in the early days they went to the telegraph companies and without a court order they got copies of every telegraph message leaving or entering the USA.

The NSA didn't exactly get much opposition from Google, Microsoft and everyone else they've tapped into, did they?

I think the NSA got considerable opposition from Google, and knew from the beginning that it would, which is why Google was (per David Drummond) never even asked to provide broad access to user data. The revelation that the NSA might be tapping connections between data centers caused a crash project to make sure all of that traffic was encrypted, for example. In general, this stuff has really pissed Googlers off and Google engineers are working to plug every potential leak they can find.

Just as the laws differ, so do the horrible things the government does. Yeah, the GCHQ went to the Guardian to get a computer destroyed. Meanwhile, Obama will have you killed by a drone. And while there is armed military at London's airports, they don't have a TSA.

There are very rarely armed military personnel at UK airports. Them being there is highly unusual and worthy of comment. The uniformed armed people you usually see at UK airports are regular armed police. Although that itself is unusual in a national context (though not at airports); our police aren't routinely armed (it's in fact a specialization you have to qualify for).

Then again, the US is unique is having thousands of over the air radio and television stations living in mortal fear of anyone, anywhere saying "fuck" on the air for fear of massive fines from the FCC.

You do realize that the rest of the western world kind of snickers whenever you do some dumb-ass thing like freak out over the Janet Jackson "wardrobe malfunction?"

Well you haven't heard it enough apparently so I'm going to repeat it for you: America has way better protection for the press and general freedom of expression than Europe and the UK in particular.

And yet, both Freedom House and Reporters Without Borders rate the UK higher than the US with respect to freedom of the press. On paper the US has strong constitutional protection for the press. In practice, we're happy to ignore the constitution whenever it's inconvenient, and analysis of the actual treatment of the press demonstrates that.

Given its history, I think of the US Constitution as more a statement of good intent than any sort of iron clad protection or inalienable rights.

I mean, pretty well EVERY time the US has been stressed (by war, by politics, by circumstances) the Constitution and its amendments have been set aside, only for the Supreme Court or whatever to revisit the situation 10 or 20 years down the track (long after the damage has been done) to reinstate said rights and privileges... after which everybody apologizes to th

Which requires communication. Which is why NSA and its ilk are so hell-bent on wiretapping everything: to ensure any rebellion is crushed in the bud. Which, in turn, gives various governments ever greater assurance that they'll face no opposition no matter what they do, thus encouraging them to go farther.

It's a nasty vicious circle which could easily end up in another age of tyranny. It's why things like Tor [torproject.org] and Freenet [freenetproject.org] are so important: anonymous communication is the only way to organi

Definitely agree.I had a mate who's hard disk whose laptop wouldn't boot.He wanted to get all the personal data of it photos business accounts etc. so opened it up and took out the RAM and the the WIFI Card. And left them in his wood burner for a couple of days.

He then gave me the laptop.

I gave him back his hard drive and bought new ram and a wifi card.And told him to speak to me first next time.

People continue to do this stupid shit to perfectly good hardware, sure it's symbolic in this case to prove a point, none the less any of us here with a fucking grain of common sense realise it's a load of complete shit.

That data could've been copied 10,000 times over from that machine by now (obviously)

I viewed the video and I read the related article... and it says here:

A small team of trusted senior reporters examined Snowden's files in a secure fourth-floor room in the Guardian's King's Cross office. The material was kept on four laptops. None had ever been connected to the internet or any other network. There were numerous other security measures, including round-the-clock guards, multiple passwords, and a ban on electronics.

Okay, 4 laptops are fine. So why does the video show a desktop keyboard? And why is there a completely destroyed ATX desktop motherboard shown there?

The 'computer' was mentioned at 0.49 "drill out the hard disks" at 1.13 at 1.49 "computers"... I would guess some form of a working 'copy' on a desktop computer to be used with by staff in the room. From that internal redacted material could be made ready for publication vs the original material on laptops.

Okay, 4 laptops are fine. So why does the video show a desktop keyboard? And why is there a completely destroyed ATX desktop motherboard shown there?

OK That will teach me to read the article.

You are dead right, why a keyboard and possibly a PS/2 keyboard (do modern laptops support this connector any-more? Some other things that don't make sense is the tower PC power supply and the huge fans (I would love to see how they got them in a laptop). Also while we are at it how did they get a standard PC motherboard in a laptop.

As for grinding the boards well words fail me. I suppose that is a bit like destroying RAM especially when we all know those sneaky

Yes, let us NOW close the barn doors after the cats have escaped.....that will stop the cats from escaping!

From my view(USA), the U.K. seems to be following in our footsteps with afterburners engaged.

I remember when everyone was claiming computers would make life easier. LOL! Paperless offices FTW!(don't misunderstand; I like computers and networks, but from the beginning, I have always questioned the implementation of them as it occurred...one of the reasons why I don't own a cell phone, and studied networking so I could protect some of my privacy, just as I studied driving a vehicle before driving)

The cat is out of the bag/barn door, the best thing for the gov't.s involved is to admit it and make acceptable changes, but don't hold your breath waiting.

The question now is:Do we fight this crap, or grease up our bungholes and take like a good consumer?(we are no longer citizens or customers...just livestock consuming the crap corp.'s and their bitches(gov't) shovel out.

If you use the term 'consumer' for anything outside of eating and drinking, or physically using something to depletion, then you are part of the problem by accepting this crap.

Consume various media?I have NEVER eaten or drank an music or video file, I've watched/listened to them, and THEY ARE STILL THERE! So I could not have consumed them.

This may seem like an offtopic rant, but the brainwash mentality is what makes this crap work.

We have gotten into a mindset from this tactic that makes this shite easier to swallow, because we get used to swallowing shite. We have forgotten how to find out for ourselves, we WANT the 10 second soundbite because we are too busy swallowing the shite, to fit in with our shite swallowing peers.

I personally am too old, broken down, and poor to start the needed coup, but will gladly join in if it ever happens.

Here in the USA 20 years ago, if what happened under Bush jr.'s reign happened then, I would have started(or at least attempted) another revolution...strictly out of patriotic feelings for the oath I took to defend the Constitution of the USA, and Dubya and company would have been first against the wall to be shot as a traitor to the Constitution I pledged to uphold against enemies foreign and domestic.

Apparently, my peers are happy to have the following generations buggered, and now it's showing up.

In retrospect, I would include Obama and co. for not doing away with all of Bush/Cheney's constitutional violations.

As it stands, I will do everything within my power and ability to train and educate the younger generations to combat this crap.

Note to self: Quit posting when drinking!
I meant everything above, but focus and eloquence decline severely when drinking!

Apologies if I sound like some butthurt old geezer, but I am one, due to the 'War on Drugs', 'War on terrorism', War on this', War on that', alcohol is my only outlet short of ending up on the evening news as some nutjob taken out by the local SWAT Team.:-)

Well the gov internet searches seem to be for locations, names and further digital contacts as 1 - 2 - 3 hops to and from the press for example.
The vast illegal domestic surveillance system is built like an elint overflight of the Soviet Union collecting everything it can.
Its their network, every keystroke you make is kept, sorted, indexed, filed, read by a real person if your on a list...
Build on that - read up all you can on the side of politics you find interesting and write long detailed emails to m

It's probably been so long since they released it because GCHQ had to vet the video to make sure you couldn't reconstruct the document from the fragments visible during the video.

Actually... we came up with a device that can mess with entropy so much; that the dust particles are expected to spontaneously come back together and reassemble themselves into chips and disk drives, with no damage whatsoever,
and then the data wlill be retrievalbe again.

Even if it was true that one can economically retrieve data after it has been erased / overwritten a few times, the buzz-sawing of individual chips in this video fans the paranoia of people over hard drives. You can disassemble the hard drive, or hit it once with a ball peen hammer. Drilling multiple holes through ceramic chips borders on the Pythonesque. Perhaps they were being tongue-in-cheek during the application of physical overkill, but it fans the billion dollar planned obsolescence industry. Mo

No, just a bunch of smoking HDs. But seriously, a "smoking gun" is what you need in a case where the evidence is thus far not conclusive. In this case, however, I don't know of anything Snowden released which has been denied by officials and much of it has been confirmed or corroborated by others.

It's just a stupid as the US response taking out and replacing every part of every computer and network that Snowden accessed.

I mean, really - the CAT-5? Come on. Just a stupid excuse for work and so that they can claim "Oh he did millions of $$ damages, see we had to replace everything including a new coat of paint on the data center".

It's just a stupid as the US response taking out and replacing every part of every computer and network that Snowden accessed.

Disagree. No matter what you think of the NSA, in the whole circus they are one of the few people who actually know their stuff. These guys are scary good at what they do. If I had to clean up a place that was bugged by the NSA, I'd do the same - rip out everything and replace it.

You can buy keyloggers that fit into a USB plug these days. I'm pretty sure the NSA has stuff like Ethernet monitors that fit into slightly-larger-than-usual CAT-5 plugs. And if you consider the size of Raspberry Pi, you'll realize that you can fit a whole second computer into the case of another computer.

When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.

When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.

Depending on the nature of the server, I'd be tempted to replace the hardware as well and shred the old stuff as well.

Formatting a hard drive doesn't really remove everything, even a "secure" erase isn't the same thing as simply buying a new one.

When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.

Those were the good ol' days. These days everybody knows there are half a dozen backdoors in the various firmwares that even an OS wipe won't get. (disk, network, bios, etc)

However, it depends on your threat scenario. If you are the victim of a regular hack, i.e. someone gained entry over the network, then you know your hardware is unchanged, so you can keep it. That is the scenario I was referring to. If, of course, someone physically broke into your server room, you should mistrust your hardware unless you know exactly what they did and didn't do (say you have a video that you know was not tampered with).

If you do a wipe and restore of the OS from backup, from a date you can verifiably show was before the compromise; AND repair the security holes and vulnerabilities, and make sure to change all security credentials -- passwords, etc, , before reconnecting to the internet.

Then after so restoring... the biggest things you actually should worry about are.... (1) Something else on your network may likewise be compromised, such as other servers or networking infrastructure - especially anything Telnet i

Which would play right into the NSA's hands, as you move on from your torched building, and agents quietly recover some fireproof surveillance blackbox units which had been dropped down various walls, that your torching made retrieval a simple task.

Disagree. No matter what you think of the NSA, in the whole circus they are one of the few people who actually know their stuff.

If that were true, Snowden wouldn't have been able to access and distribute the sensitive security documents he did and we wouldn't be talking about this at all. Doesn't seem they are particularly competent with regards to security to me.

This is why the notion "It is OKAY if we have all these backdoors and all this data collection, the only quantum computer, etc, as long as it is controlled by strong security controls, laws, regulations, oversight" is absurd.

Yes he would, because his job and vetting level allowed him unsupervised access to materials at that level of protection. The flaw in their system was either their vetting - I have no idea if there was anything in Snowden's past that should have given them a reason to consider him unreliable - or that his access was unsupervised.

The problem with requiring supervised access to materials or infrastructure you (potentially) routinely access as part of your job is you've just doubled (at least) the number of p

The NSA failed at basic information security. There are plenty of corporate IT departments that have more robust information security than the NSA it would seem.

I didn't think I'd use that abbreviation ever again, but: ROTFLMAO

Most corporate IT security is a joke. There's a reason the security consulting business is thriving, and it's that when they get called in, they always find yet another problem. What corporate IT is good at is creating bullshit rules that placate management types and don't add any actual security. Yes, I'm looking at you, SOX. And don't get me wrong, I worked as the Senior Manager IT Compliance for a fairly big company. It was a lot of fun, b

NSA certainly bugs ethernet sockets – see http://images.dailytech.com/ni... [dailytech.com] .The amount of destruction on motherboard teaches us a thing: GCHQ destroyed elements they KNOW could be used for storing data/snooping. So we say ”morons”, but they actually are ahead of us in spying. And they expect other intelligences to have similar capacities as NSA/GCHQ.

When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall.

And then get countermanded/overridden by the server or workstation technician or management, because wiping and reinstalling is too time consuming and/or expensive. Just get some antivirus and security scanners software setup, clean out all the malware, and resecure it, so the system works again.

Well, given that it was the Guardian destroying the computers under oversight of GCHQ, and they knew it was filmed, I can imagine them fulfilling the order ridiculously to the letter, to make the stupidity of it obvious without the GCHQ being able to complain.

No actually, having a journalistic intermediary that does vetting and filtering is a better approach. One of the -false- accusations against wikileaks was their undiscriminate leaking of classified documents.

Interviewer: "So come on, redactions are going on at the same time, now there isor isn't a row going on about redaction, I haven't the faintest cluewhether there is or isn't...?

Mr Assange: No, there's no row going on about redactions at all....There was agroup of reports where although they were not really intelligenceinformants there were sort of hotline tips...something called threatreports comprised one in five of the Afghan War Logs and so we heldthem back for a line by line redaction...But what we didn't do wasredact one in five lines, putting black marker through it, we justremoved them, and so it looked like we hadn't redacted everything butin fact we had redacted a fifth of all material, and this permitted anattack, a political attack, to come from The Times of London.... So TheTimes did a proxy war on The Guardian through us by attacking us....So most of those names were meant to be there, it is right forthem to be published, it is right to publish the names ofpoliticians, generals bureaucrats, etc, who are involved in thissort of activity, it is right even to publish the names of corrupt radiostations in Kabul that were taking SYOPS programme content. It isalso right to publish the names of those people who have beenkilled and murdered and who need to be investigated and it isright to publish the names of all incidental characters whothemselves are not at serious and probable risk of physical harm.Those incidental characters are someone who owns a company forexample is just involved in shipping operations.... So then there is thequestion were there any sort of villagers or so on who gaveinformation that might lead to reprisals, were there some of those?Um there were some villagers who - who had given information,um so that is a regrettable oversight, but it is not our, not merelyour oversight it was the oversight of the United States militarywho should've never included that material and who falselyclassified it, and who then made it available to everyone and itthen got out."

Assange never wanted to redact but was forced his media partners. Then he published the full unredacted cables on wikileaks' website. Which they denounced

In a joint statement, the Guardian, El Pais, New York Times and Der Spiegel said they "deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk".

And before you mention the password that appeared in David Leigh's book that was supposed to be for a temporary copy of the archive

WikiLeaks claimed its disclosure was prompted after conflicts between Assange and former WikiLeaks associates led to one highlighting an error made months before. When passing the documents to the Guardian, Assange created a temporary web server and placed an encrypted file containing the documents on it. The Guardian was led to believe this was a temporary file and the server would be taken offline after a period of hours.

However, former WikiLeaks staff member Daniel Domscheit-Berg, who parted acrimoniously with WikiLeaks, said instead of following standard security precautions and creating a temporary folder, Assange instead re-used WikiLeaks's "master password". This password was then unwittingly placed in the Guardian's book on the embassy cables, which was published in February 2011.

Separately, a WikiLeaks activist had placed the encrypted files on BitTorrent, a peer-to-peer file sharing network, in the hours before Julian Assange was imprisoned pending extradition proceedings in December 2010, as a form of insurance for the site. Fewer than five people knew of the existence of the site.

As former activists' disillusionment with WikiLeaks grew, one told German magazine Freitag about the link between the publicly available password and files in an attempt to highlight sloppy security at WikiLeaks. The magazine published the story with no information to identify the password or files.

WikiLeaks then published a series of increasingly detailed tweets giving clues about where the password might be found as part of its attempts to deny security failings on its own part. These are believed to have led a small group of internet users to find the files, which were published in a difficult-to-access format requiring significant technical skill, on rival leak site Cryptome.

Domscheit-Berg, often referred to as Assange's former deputy at WikiLeaks, condemned the password reuse. "The file was never supposed to be shared with anyone at all," he said. "To get a copy you would usually make a new copy with a new password. He [Assange] was too lazy to create something new."

Assange always wanted to released the unredacted cables because in his mind anyone who cooperated with the US deserves

More precisely, there really is no way for a journo to know what is dangerous to disclose and what isn't. The only source that could really tell us that are those who the information would embarrass to begin with.

At the very least they should put up a torrent of the encrypted full document dump as an insurance file against the US/England harassing more journalists or using extraordinary rendition. Glenn Greenwald's partner might not have been detained for 9 hours if there was a chance it would result in the release of all the documents.

So after an extended period of public debate followed by a government raid on the newspaper offices, did anyone actually believe that this small set of computers held the world's only copy of that set of files?

Apparently this guy thinks there are only a couple copies and they need to be physically returned to the NSA so they can be certain that no copies exist anywhere else. Or he's just being more obvious in deliberately implying things that are false than is normal even for someone in his position.